package cn.zurish.cloud.security.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class CorsGlobalConfig implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/api/**")  // 应用到所有 /api 路径
                .allowedOrigins("https://your-domain.com") // 允许的源
                .allowedMethods("GET","POST","PUT")  // 允许的方法
                .allowedHeaders("Content-Type","Authorization")
                .exposedHeaders("X-Total-Count")
                .allowCredentials(true)  // 允许携带 Cookie
                .maxAge(3600);   // 预检结果缓存 1 小时
    }
}
